mod_sec improves your security and it helps little protection against sql injection. However to prevent all sql injection always use latest version of the scripts and setup proper CHMOD under all directories.
tar zxf modsecurity-apache_2.5.13.tar.gz
./configure && make && make install
Load and configure it ( include a file in httpd.conf and put the following code before all your rules)